Accounted time is shown in the Ticket Detail View (External Interface), even if ExternalFrontend::TicketDetailView###AccountedTimeDisplay is disabled. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Information Disclosure
Otrs
NVD
CVSS 3.1
4.3
EPSS
0.6%
Prev
Page 2 of 2